>But openssl 1.1 has a different situation: Akamai and the Core
>Infrastructure Initiative have come together to sponsor development
>and maintenance of openssl since we switched, which means that there's
>higher quality maintenance occuring now. They are also working on a
>relicensing process, much like the libressl guys are doing, which has
>a larger scope[1]. Meanwhile, the libressl guys have been removing
>functionality we depend on, such as support for hardware accelerators
>(ENGINE apis), switching from 64-bit TAIN date calculations to time_t
>(because time_t is good enough on OpenBSD) and dropping openssl 1.0.1
>APIs they see as unsuitable.
>
>libressl promised to retain compatibility with 1.0.1g APIs, but has
>failed to do so.

These arguments sound reasonable, so despite having lobbied for the
switch to libressl at the time, I have no objection to switching back
to openssl now.